Alan, Thank you for the pointers to the source code. My colleague Colus Tang was quick to dive into the code and had to patch 2 files: ttls.c and rlm_eap_ttls.c to change the behavior from eap_mschap to eap_mschapv2. He tested the patch successfully using v1.1.3 on Linux and both TTLS-mschap and TTLS-mschav2 authentications worked fine. I tested the patch using v1.1.2 on Freebsd 5.3 and got the same successful authentications. Please review the attached patch for any additional improvements as needed. I am attaching two console outputs of 'radiusd -X' before and after the patch to show the behavior differences. Many thanks for the help. Mak -----Original Message----- From: freeradius-users-bounces+mmoussa=mmoussa.com@lists.freeradius.org [mailto:freeradius-users-bounces+mmoussa=mmoussa.com@lists.freeradius.org] On Behalf Of Alan DeKok Sent: Friday, October 06, 2006 6:18 AM To: FreeRadius users mailing list Subject: Re: Any luck with 802.1x authentication using TTLS with MSCHAPv2 ? "Mak Moussa" <mmoussa@mmoussa.com> wrote: > Would you still say that it is the ttls.c code, even though ttls w/mschap > worked fine? Yes. > I am looking for a differentiator in the code between mschap and mschapv2, Like the code I pointed you to? Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
<<attachment: winmail.dat>>